Study on Binary Code Evolution with Concrete Semantic Analysis

The study on binary code evolution is very crucial for understanding vulnerability repair and malicious code variants. Researchers on code evolution focus on the source code level, whereas very few works have been done to tackle this problem at the binary code level. In this paper, a binary code evolution analysis framework is proposed to automatically locate evolution area and identify evolution semantic with concrete semantic difference. Difference of binary function domain was applied based on function similarity. Trace alignment was used to find evolution blocks, instruction classification semantic was utilized to identify evolution operation, and evolution semantic was extracted combined with function domain elements. The experimental results show that binary code evolution analysis framework can correctly locate binary code evolution area and identify all concrete semantic evolution.